10

I am wondering which private key Keychain Access in Mac OS X (Snow Leopard, now Lion) uses. Whenever I create a CSR using that app, it does not even ask for a private key to use. So which one does it use then?

I could imagine that it used the selected one, if you've selected one in your certificate list. But generating the request even works when nothing is selected at all or, making sure it's not an "invisible" selection, if the item that's selected is not a private key.

Does anyone know?

Thanks in advance

Arne

arnekolja
  • 1,687
  • 5
  • 22
  • 29

2 Answers2

7

It generates a new public/private keypair when you create a CSR in Keychain Access. The name of the key will be what you entered in the "Common Name" field when generating the CSR.

If you would like to generate a new CSR from an existing key, I do not believe this can be done entirely within Keychain Access. For how to do it with Keychain Access and OpenSSL, see How can I use an existing private key to a new iOS development certificate?

you786
  • 3,659
  • 5
  • 48
  • 74
Rob Napier
  • 286,113
  • 34
  • 456
  • 610
  • 1
    Hey, thanks for your answer. But - where can I find this automagically created keypair then? I can't seem to find it within my keychain. – arnekolja Nov 02 '11 at 10:03
  • 2
    When you choose Request Certificate From Certificate Authority in Keychain Access, it will ask you for a Common Name ... it then appear in Keychain under this common name that you gave it. – jsherk Apr 09 '12 at 02:57
  • 2
    When rightclicking a private key, you can choose "Request a Certificate from a Certificate Authority using ", but it seems to me that, as stated in the answer, it still creates a new key for it. – Zut Jul 09 '12 at 11:33
  • Hi Rop can you please tell me how to extract the private key of CSR in .p12 form.I needed this when I follow the MDM implementation link http://www.softhinker.com/in-the-news/iosmdmvendorcsrsigning in the first point of vendor.If there is something wrong then please suugest. – Imran Nov 24 '14 at 09:59
  • 1
    After you create your CSR, look in "Keys" in Keychain Access. You'll find the public and private key there. – Rob Napier Nov 24 '14 at 12:59
1

If you open the resulting certificate on your Mac, it will be added to your Keychain. When you unfold it, you'll the associated private key.

Sjors Provoost
  • 1,921
  • 1
  • 19
  • 34